Updated squid packages fix security vulnerabilities: Jeriko One discovered that Squid incorrectly handled memory when connected to an FTP server. A remote attacker could possibly use this issue to obtain sensitive information from Squid memory (CVE-2019-12528). Regis Leroy discovered that Squid incorrectly handled certain HTTP requests. A remote attacker could possibly use this issue to access server resources prohibited by earlier security filters (CVE-2020-8449). Guido Vranken discovered that Squid incorrectly handled certain buffer operations when acting as a reverse proxy. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2020-8450). Aaron Costello discovered that Squid incorrectly handled certain NTLM authentication credentials. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service (CVE-2020-8517).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 7 | noarch | squid | <Â 4.10-1 | squid-4.10-1.mga7 |